Given the extreme hyper-focus on session theft through packet capture and replay - ahem, FireSheep - in sites like Twitter and FaceBook, it's interesting to see how difficult it is, or if its even possible, to enable HTTPS throughout a popular, high-traffic site that we use every day...

The criteria for making the list require that the application be a consumer or end-user product that is not classified as being malicious by reporting outlets and which contains at least one critical vulnerability...

Privacy advocate Christopher Soghoian did some snooping of his own through the Freedom of Information Act and found that Google charged the DEA $25 per case for access to user data. Yahoo, in an ongoing to effort to best Google at something, charged the agency $29 per case...

Creating systems to easily and quickly un-encrypt data could produce a threat to sensitive information that would otherwise remain secure. The widely publicized Aurora attacks originating in China used back-doors that were originally created to give the government easy access to communications..

Information Week reports that a New York judge has ordered Google to reveal the identity of a cyberstalker who has anonymously posted video and messages on the Internet. The videos included sexual slurs and damaging information that could affect the woman’s reputation and career...

Koobface, on the scene since 2008, has been one of the most notoriously successful botnet operations ever tracked, though not necessarily the most insidious, as the network has never sought to capitalize on its full potential...

The discovery that volumes of data were so readily available should be a wake up call to businesses and individuals who leave their WiFi systems unsecured, and should also prove to demonstrate the government's willingness to probe such violations of privacy...

The effort being focused on Google would be far better spent on educating users about the hazards. Google is caught being an identifiable target. The Street Wise vehicle cruising down the block every few years is not a serious hazard to privacy and security...

Connecticut's Attorney General, Richard Blumenthal, is representing a 37-state coalition in the US. The coalition is looking into the privacy and security issues with Google Street View, especially related to their data collection from personal and company Wi-Fi networks without permission...

Just a quick note on the recent Google announcement about dumping Windows for desktops in favor of Linux and Mac OS X. As you can see from the linked article, there is a lot of hype about this move in the press. Unfortunately, dumping Windows as a risk reducer is just plain silly.

Our team had the opportunity to test Google’s recently released web application scanner known as SKIPFISH. Touted as an active reconnaissance tool, SKIPFISH claims to present an interactive site map for a targeted site by performing a myriad of recursive crawls and discretionary based probes.

According to a report in the Financial Times, Google are phasing out the use of Microsoft's Windows within the company because of security concerns. Citing several Google employees, the FT report reports that new hires are offered the option of using Apple Mac systems or PCs running Linux. The move is believed to be related to a directive issued after Google's Chinese operations were attacked in J...

Last month the German government decided that it needed to take a closer look into Google's data collection methods. Google's Street View cars are equipped with wireless antenna's and pick up any available wireless signal along the way. It was originally thought that the Street view cars were just collecting SSID and MAC address to provide location based services to mobile users. It turns out that...

Code named Gaia after “Greek Goddess of Earth” a Google single sign on password system was hacked in December. Google is a significant part of many individuals and businesses online activities. Millions rely on Google every day to be fast, functional and most important, secure. A breach such as this may erode the confidence of Google users, but for many, they have all their egg...

In recent months, there has been Google and now Facebook vying to use our data on the Web. Google were the first with their Buzz product, using all our Gmail contacts to start a social network. This received a heavy amount of criticism for its invasion of privacy, from which, in my opinion, it has never fully recovered.